﻿<!--#include file="../lib/base.asp"-->
<!--#include file="../theme.asp"-->
<%
dim act:act=lcase(sdcms.fget("act",0))
dim u:u=sdcms.getint(sdcms.fget("u",0),0)
select case act
	case "checkpass":checkpass()
	case "checkdb":checkdb()
	case else
		sdcms.show theme_usergetpass,""
end select

sub checkpass()
	if sdcms.getsys("mailtype")="" then
		sdcms.ajaxjson "系统未开启邮件设置，请联系管理员找回密码",0
		exit sub
	end if
	dim t0,t1,data
	t0=sdcms.enhtml(sdcms.fpost("emailpass",0))
	t1=sdcms.enhtml(sdcms.fpost("imgcode",0))
	if sdcms.strlen(t0)=0 then
		sdcms.ajaxjson "电子邮箱不能为空",0
		exit sub
	end if
	if not(sdcms.checkstr(t0,"email")) then
		sdcms.ajaxjson "邮箱格式不正确",0
		exit sub
	end if
	data=sdcms.db.dbcount("sd_user","email='"&t0&"'")
	if data<=0 then
		sdcms.ajaxjson "您输入的电子邮箱不存在",0
		exit sub
	end if
	if sdcms.strlen(t1)=0 then
		sdcms.ajaxjson "验证码不能为空",0
		exit sub
	end if
	if sdcms.loadsession("imgcode")<>t1 then
		sdcms.ajaxjson "验证码错误",0
		exit sub
	end if
	'生成随机字符
	dim somecode:somecode=sdcms.getrnd(10)
	sdcms.db.dbupdate "sd_user","email='"&t0&"'",array(array("somecode",somecode,0,1))
	'发送激活邮件
	dim subject,body
	subject=sdcms.getsys("passtitle")
	body=sdcms.dehtml(sdcms.getsys("passcontent"))
	body=replace(body,"{webname}",sdcms.getsys("webname"))
	body=replace(body,"{url}","{weburl}/sdcms/user/getpass.asp?u=1&uid="&t0&"&code="&somecode&"")
	body=replace(body,"{weburl}",weburl)
	sdcms.sendmail t0,subject,body
	sdcms.ajaxjson "&#23494;&#30721;&#37325;&#32622;&#30340;&#39564;&#35777;&#37038;&#20214;&#24050;&#21457;&#36865;&#44;&#35831;&#21040;&#24744;&#30340;&#37038;&#31665;"&t0&"&#20013;&#26597;&#25910;&#25805;&#20316;",1
end sub

sub checkdb()
	dim data,t0,t1
	dim uid,code
	uid=sdcms.enhtml(sdcms.fget("uid",0))
	code=sdcms.enhtml(sdcms.fget("code",0))
	t0=sdcms.enhtml(sdcms.fpost("password",0))
	t1=sdcms.enhtml(sdcms.fpost("repass",0))
	if sdcms.strlen(uid)=0 or sdcms.strlen(code)=0 then
		sdcms.ajaxjson "&#21442;&#25968;&#38169;&#35823;&#65292;&#26080;&#27861;&#37325;&#32622;&#23494;&#30721;",0
		exit sub
	end if
	data=sdcms.db.dbcount("sd_user","email='"&uid&"' and somecode='"&code&"'")
	if data<=0 then
		sdcms.ajaxjson "&#21442;&#25968;&#38169;&#35823;&#65292;&#26080;&#27861;&#37325;&#32622;&#23494;&#30721;",0
		exit sub
	else
		if sdcms.strlen(t0)=0 then
			sdcms.ajaxjson "新密码不能为空",0
			exit sub
		end if
		if not(sdcms.checkstr(t0,"password")) then
			sdcms.ajaxjson "新密码格式不正确",0
			exit sub
		end if
		if sdcms.strlen(t1)=0 then
			sdcms.ajaxjson "确认密码不能为空",0
			exit sub
		end if
		if t0<>t1 then
			sdcms.ajaxjson "两次密码输入不一致",0
			exit sub
		end if
		sdcms.db.dbupdate "sd_user","email='"&uid&"'",array(array("password",md5(t0),0,1),array("somecode","",0,1))
		sdcms.ajaxjson "&#23494;&#30721;&#35774;&#32622;&#25104;&#21151;&#65292;&#35831;&#20351;&#29992;&#26032;&#23494;&#30721;&#30331;&#24405;",1
	end if
end sub
sdcms.db.dbclose
%>